Privacy risk analysis and metrics in capturing and storing network traffic

Network traffic analysis is a process of paramount importance to monitor network availability and operational activity, identify anomalies, maximize performance, find threats, and detect attacks. Due to this fact, in everyday work network managers need to capture, analyze and store a tremendous amount of data which can definitely be classified as 'Big Data'. On the other side, it is crucial to point out that the captured network traffic has significant privacy implications, in particular in the territorial scope of GDPR or other similar regulations because, according to GDPR, not only the payload but also the IP address of the sender and the receiver of packets have to be considered personal data. This paper deals with the privacy issues related to network traffic capture/processing/storage, the risks, and the associated mitigation techniques. As a conclusion of the work, a privacy risk analysis using PIA, together with the methodology developed by the French Data Protection Authority (CNIL) is discussed. The analysis performed highlights the effect of the use of some well-known anonymization and pseudonymization techniques on the severity and likelihood of risk.